Re: [trill] WG LC on draft-ietf-trill-over-ip-14.txt - Consensus reached

Joe Touch <> Tue, 20 February 2018 01:30 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 81906127869; Mon, 19 Feb 2018 17:30:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.988
X-Spam-Status: No, score=-1.988 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id f7hNMCYIyBju; Mon, 19 Feb 2018 17:30:47 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5FF60126D45; Mon, 19 Feb 2018 17:30:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=LmkpBA28twybHE0jZORU/ZGSmWQdamkrpJUIBYFxRlM=; b=VWaEKbOByj464rLMp4ab/hFeG ZL2iYUai+lxpMBmVfxp06cUfTOfB4xPRpJRCocfshkeLnzeCiSq3cifPFHQ4rQ7EmRfYaWLW7HgJT ukSe7qcB25CyJNB3iIE1XCcq3xP9EwPjlWNJzwnmRPZRPk3G7e7YWFXFkolOhyfxKi0r7hBqNVkMe SaJK4/9fKOPKBbpbe/h0Yi7JRA4AtXkwW+72LJPL1QRNaLFpH+SkerEUnYPSz53VuMWJOFfWucaXa BJv22TX5XSBrVnC5vxP4Rpe0qGCeBLZSXCxx6HlkZFIEa95nb8AHni4FGUggg2QeZzMqyg4EZ6cRH 059JmY19A==;
Received: from ([]:54241 helo=[]) by with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89_1) (envelope-from <>) id 1enwlL-003YqV-P0; Mon, 19 Feb 2018 20:30:41 -0500
Content-Type: multipart/alternative; boundary="Apple-Mail=_F509CDD9-FE8C-4A1F-B34E-13F281A21DDF"
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
From: Joe Touch <>
In-Reply-To: <053501d3a9e2$c7b57f60$57207e20$>
Date: Mon, 19 Feb 2018 17:30:25 -0800
Cc: trill IETF mailing list <>,, Alia Atlas <>
Message-Id: <>
References: <03b401d3a9c5$8ebe3d40$ac3ab7c0$> <> <053501d3a9e2$c7b57f60$57207e20$>
To: Susan Hares <>
X-Mailer: Apple Mail (2.3445.5.20)
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname -
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain -
X-Get-Message-Sender-Via: authenticated_id:
X-From-Rewrite: unmodified, already matched
Archived-At: <>
Subject: Re: [trill] WG LC on draft-ietf-trill-over-ip-14.txt - Consensus reached
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Developing a hybrid router/bridge." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 20 Feb 2018 01:30:50 -0000


These links weren’t hard to find. That shouldn’t be surprising - there have been line-rate hardware encapsulated and encrypted Ethernet links for a while now.

They include GRE over IPsec, among others.

The points I want to make are brief:
	- this solution isn’t remotely needed because *existing* commercial devices and protocols are sufficient
	- the solution as described is incoherent from a transport perspective

Fixing the title and/or polling vendors won’t change the above.

This document, in its current form, is unnecessary and incorrect. If nobody else can see why, then there are bigger problems than I can fix here.


> On Feb 19, 2018, at 4:35 PM, Susan Hares <> wrote:
> Joe: 
> Thank you for the post on cavium’s and Cisco’s GRE.   I hope the vendors with TRILL products and these hardware devices will investigate this solution.  However, the suggestion IPSEC + upper layers came from those vendors with TRILL products.  
> As to the name, I acknowledge the issue.  If you have a proposed solution that you think fits,  we’re listening (Alia, Jon, I and the authors) are listening.  The document title can change during the IETF LC process.    
> Sue 
> From: Joe Touch [] 
> Sent: Monday, February 19, 2018 4:40 PM
> To: Susan Hares
> Cc: trill IETF mailing list;; Alia Atlas
> Subject: Re: [trill] WG LC on draft-ietf-trill-over-ip-14.txt - Consensus reached
> On Feb 19, 2018, at 1:06 PM, Susan Hares < <>> wrote:
> Greetings: 
> Thank you for your comments on the draft-ietfd-trill-over-ip-xx.txt   The WG has reached consensus on the draft, and it will be sent forward to the IESG. 
> I want to thank Magnus Westlund, Ines Robles, and Joe Touch for their targeted reviews.  
> Joe asked two important questions that I want to chat about in announcing the result.  
> 1)      Why IPSEC + TCP/UDP tunnels 
> 2)      Why the name TRILL over IP? – it is really TRILL over IP enabled Transport port protocols 
> During this WG LC, I spent time looking back into my notes to check our evaluation of the alternatives GRE, TLS, or DLTS.  I also asked the  WG leadership team (Jon, Sue, and Donald with Alia Atlas help) to discuss these points that Joe raised.     Here’s what I found. 
> 1)      Why IPSEC and TCP/UDP tunnels
> After I walked through the WG archives, I found that over several IETFs we debated TLS, DTLS, and GRE.   Our most substantive debate was at IETF 91.   The WG had settle on utilizing GRE, TLS, or DLTS – until hardware vendors implementing TRILL came to chat with the WG at IETF 91.   The hardware vendors asked that we would utilize IPSEC and higher layer tunnels (TCP/UDP) so that TRILL switches could operate at line speed using these IPSEC processing chips off board.  The WG decided to listen to vendor creating and deploying TRILL capable devices. 
> The hardware vendors reasoning still seems valid to the WG chairs and the WGs.   If in the future hardware comes up with TLS, DTLS or GRE at Ethernet switch line rates and vendors want a TRILL product with these tunnels, I’m sure that a Routing AD or  the RTGWG draft will sponsor such a draft.  
> <>
> <>
>> 2)      Is the name TRILL over IP valid? 
>> Now as to the name, Joe was correct the name should be changed since it is really TRILL over IPSEC + Transport.   Donald’s make the change to the title of the document, and in the document.   
> “IP transport” implies using IP as a tunneling layer, which is not part of this document’s proposed approach.
> Further, the description of how it interacts with TCP is incoherent to anyone familiar with TCP transport (“slicing” packets and claiming to place them directly into TCP payloads).
> Joe